/*
 * 文件名：MyUserDetailService.java
 * 版权：Copyright by www.wootide.com
 * 描述：
 * 修改人：ozm
 * 修改时间：2013-1-24
 * 跟踪单号：
 * 修改单号：
 * 修改内容：
 */
package com.wootide.cms.sys.security.service;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import com.wootide.cms.sys.common.pojo.RoleAuthoritiesInfo;
import com.wootide.cms.sys.common.pojo.UserRoles;
import com.wootide.cms.sys.role.pojo.RoleInfo;
import com.wootide.cms.sys.user.dao.UserInfoDao;
import com.wootide.cms.sys.user.pojo.UserInfo;

//你就可以从数据库中读入用户的密码，角色信息，是否锁定，账号是否过期
@Service
public class MyUserDetailService implements UserDetailsService
{
   
    //用户数据访问层实例
    private UserInfoDao usersDao;
 
    /**
     * 通过用户名获取用户信息
     * Description: <br>
     * Implement: <br>
     * @param userName 用户名
     * @return
     * @see
     * @return UserDetails 用户详情对象
     * @author ozm 
     */
    public UserDetails loadUserByUsername(String userName)
            throws UsernameNotFoundException, DataAccessException
    {
        
        UserInfo userInfo = usersDao.findOneUserByName(userName);
        
        if (null == userInfo)
        {
            //用户不存在
            throw new UsernameNotFoundException(userName);
        }
        
        Collection<GrantedAuthority> grantedAuths = obtionGrantedAuthorities(userInfo);
        
        //账号是否可用
        boolean enabled  = 0 == userInfo.getStatus()? true : false;
        //账号是否过期
        boolean accountNonExpired  = true;
        //证书是否过期
        boolean credentialsNonExpired = true;
        //账号是否锁定
        boolean accountNonLocked =  true;
        
        User user = new User(userName, userInfo.getPassword(), enabled
                , accountNonExpired, credentialsNonExpired, accountNonLocked, grantedAuths);
        
        return user;
    }
    
    /**
     * 获取用户菜单名称集合
     * Description: <br>
     * Implement: <br>
     * @param userInfo 要获取的用户
     * @return
     * @see
     * @return Set<GrantedAuthority> 菜单资源名称集合
     * @author ozm 
     */
    private Set<GrantedAuthority> obtionGrantedAuthorities(UserInfo userInfo)
    {
        Set<GrantedAuthority> authSet = new HashSet<GrantedAuthority>();
        //获得用户角色绑定信息
//        Set<UserRoles> userRoles = userInfo.getUserRoleses();
//        for (UserRoles userRole : userRoles)
//        {
//            //获得用户角色
//            RoleInfo roleInfo = userRole.getRoleInfo();
//            
//            //获得角色权限绑定
//            Set<RoleAuthoritiesInfo> roleAuthInfos = roleInfo.getRoleAuthoritiesInfos();
//            for (RoleAuthoritiesInfo roleAuthInfo : roleAuthInfos)
//            {
//                //构建权限名列表
//                authSet.add(new GrantedAuthorityImpl(
//                        roleAuthInfo.getAuthoritiesInfo().getAuthorityName()));
//            }
//            
//        }
        
        return authSet;
    }
    
    public UserInfoDao getUsersDao()
    {
        return usersDao;
    }

    public void setUsersDao(UserInfoDao usersDao)
    {
        this.usersDao = usersDao;
    }

   
}
